NAME | SYNOPSIS | DESCRIPTION | RETURN VALUE | ERRORS | SEE ALSO | AUTHOR | COLOPHON |
|
|
AUDIT_LOG_USER_COMMAND(3) Linux Audit API AUDIT_LOG_USER_COMMAND(3)
audit_log_user_command - log a user command
#include <libaudit.h> int audit_log_user_command(int audit_fd, int type, const char *command, const char *tty, int result);
This function will log a command to the audit system using a predefined message format. It encodes the command as the audit system expects for untrusted strings. This function should be used by all apps need to record commands. The function parameters are as follows: audit_fd - The fd returned by audit_open type - type of message, ex: AUDIT_USYS_CONFIG, AUDIT_USER_LOGIN command - the command being logged tty - The tty of the user, if NULL will attempt to figure out result - 1 is "success" and 0 is "failed"
It returns the sequence number which is > 0 on success or <= 0 on error.
This function returns -1 on failure. Examine errno for more info.
audit_log_user_message(3), audit_log_user_comm_message(3), audit_log_acct_message(3), audit_log_user_avc_message(3), audit_log_semanage_message(3).
Steve Grubb
This page is part of the audit (Linux Audit) project.
Information about the project can be found at
⟨http://people.redhat.com/sgrubb/audit/⟩. If you have a bug
report for this manual page, send it to [email protected].
This page was obtained from the project's upstream Git repository
⟨https://github.com/linux-audit/audit-userspace.git⟩ on
2024-06-14. (At that time, the date of the most recent commit
that was found in the repository was 2024-06-12.) If you
discover any rendering problems in this HTML version of the page,
or you believe there is a better or more up-to-date source for
the page, or you have corrections or improvements to the
information in this COLOPHON (which is not part of the original
manual page), send a mail to [email protected]
Red Hat Feb 2007 AUDIT_LOG_USER_COMMAND(3)